Export limit exceeded: 19663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19663 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4093 | 1 Yourownbux | 1 Yourownbux | 2026-04-23 | N/A |
| SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and 3.2 beta, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||
| CVE-2008-4092 | 1 Myphpnuke | 1 Myphpnuke | 2026-04-23 | N/A |
| SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the artid parameter. | ||||
| CVE-2008-4091 | 1 Source Workshop | 1 Web Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Web Directory Script 1.5.3 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | ||||
| CVE-2008-4090 | 1 Couponscript | 1 Coupon Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672. | ||||
| CVE-2008-4088 | 1 Myphpnuke | 1 Myphpnuke | 2026-04-23 | N/A |
| SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2008-0670 | 1 Joomla | 1 Com Noticias | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | ||||
| CVE-2007-5678 | 1 Phpbasic | 1 Phpbasic | 2026-04-23 | N/A |
| SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI. | ||||
| CVE-2008-6573 | 1 Avaya | 1 Communication Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request to the SIP server. | ||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | ||||
| CVE-2008-4086 | 1 Source Workshop | 1 Reciprocal Links Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | ||||
| CVE-2007-5679 | 1 Deeemm | 1 Dmcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected. | ||||
| CVE-2008-4084 | 1 Myiosoft | 1 Easyclassifields | 2026-04-23 | N/A |
| SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action. | ||||
| CVE-2007-5688 | 3 Invision Power Services, Phpbb, Sebflipper | 3 Invision Power Board, Phpbb, Multi-forums Module | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters. | ||||
| CVE-2008-4080 | 1 Stash | 1 Stash | 2026-04-23 | N/A |
| SQL injection vulnerability in Stash 1.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username parameter to admin/library/authenticate.php and the (2) download parameter to downloadmp3.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4073 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action. | ||||
| CVE-2008-0675 | 1 The Everything Development Company | 1 The Everything Development Engine | 2026-04-23 | N/A |
| SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter. | ||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2026-04-23 | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | ||||
| CVE-2007-5704 | 1 Codewidgets | 1 Online Event Registration Template | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp. | ||||
| CVE-2009-1066 | 1 Getpixie | 1 Pixie Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request. | ||||
| CVE-2009-3062 | 1 Phplivesupport. | 1 Phplive\! | 2026-04-23 | N/A |
| SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | ||||